pjb2u Posted September 16, 2011 Share Posted September 16, 2011 Hi all, I have a slight annoying issue, I am fairly new to PHP and MYSQL however I have plenty of programming knowledge, and hate the small errors that are hard to spot, can you help please? I have a profile creation page that works (obviously with an insert statement) I have duplicated that page and made it into an edit profile page, everything is working except the update statement, which is as follows: ERROR: (I understand that there is blank data being updated, I tried removing the variable and adding 'aaa' instead, but still got the same error) I also understand that the error is displaying `whos_profile` = '6'' with the quotes around the 6 looking incorrect. However I dont think this is the issue. You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'character = '', photographic = '' WHERE `whos_profile` = '6'' at line 1 SUBMIT CODE: $full_name = $_POST['Name']; $gender = $_POST['Gender']; $nationality = $_POST['nationality']; $location = $_POST['Location']; $modelling_category = $_POST['Category']; $hair_colour = $_POST['Hair']; $eye_colour = $_POST['Eyes']; $height = $_POST['Height']; $waist = $_POST['Waist']; $hips = $_POST['Hips']; $shoe_size = $_POST['Shoes']; $bust = $_POST['Bust']; $dress_size = $_POST['Dress']; $whos_profile = $Loggedin; $Fashion = $_POST['Fashion']; $Glamour = $_POST['Glamour']; $Commercial = $_POST['Commercial']; $Editorial = $_POST['Editorial']; $Character = $_POST['Character']; $Photographic = $_POST['Photographic']; $sqlUpdateProfile = "UPDATE profile SET full_name = '$full_name', gender = '$gender', nationality = '$nationality', location = '$location', modelling_category = '$modelling_category', hair_colour = '$hair_colour', eye_colour = '$eye_colour', height = '$height', waist = '$waist', hips = '$hips', shoe_size = '$shoe_size', bust = '$bust', dress_size = '$dress_size', whos_profile = '$whos_profile', fashion = '$Fashion', glamour = '$Glamour', commercial = '$Commercial', editorial = '$Editorial', character = '$Character', photographic = '$Photographic' WHERE `whos_profile` = '$whos_profile'"; mysql_query($sqlUpdateProfile) or die (mysql_error()); HERE IS THE INSERT CODE: $full_name = $_POST['Name']; $gender = $_POST['Gender']; $nationality = $_POST['nationality']; $location = $_POST['Location']; $modelling_category = $_POST['Category']; $hair_colour = $_POST['Hair']; $eye_colour = $_POST['Eyes']; $height = $_POST['Height']; $waist = $_POST['Waist']; $hips = $_POST['Hips']; $shoe_size = $_POST['Shoes']; $bust = $_POST['Bust']; $dress_size = $_POST['Dress']; $whos_profile = $Loggedin; $Fashion = $_POST['Fashion']; $Glamour = $_POST['Glamour']; $Commercial = $_POST['Commercial']; $Editorial = $_POST['Editorial']; $Character = $_POST['Character']; $Photographic = $_POST['Photographic']; $sqlAddProfile = "INSERT INTO profile (`full_name`, `gender`,`nationality`,`location`,`modelling_category`,`hair_colour`,`eye_colour`,`height`,`waist`,`hips`,`shoe_size`,`bust`,`dress_size`,`whos_profile`,`fashion`,`glamour`,`commercial`,`editorial`,`character`,`photographic`) VALUES ('$full_name', '$gender', '$nationality', '$location', '$modelling_category', '$hair_colour', '$eye_colour', '$height', '$waist', '$hips', '$shoe_size', '$bust', '$dress_size', '$whos_profile', '$Fashion', '$Glamour', '$Commercial', '$Editorial', '$Character', '$Photographic')"; mysql_query($sqlAddProfile) or die (mysql_error()); Quote Link to comment Share on other sites More sharing options...
requinix Posted September 16, 2011 Share Posted September 16, 2011 "character" is a reserved word. It needs to be quoted. Quote Link to comment Share on other sites More sharing options...
mikosiko Posted September 16, 2011 Share Posted September 16, 2011 quoted with the identifier quote character which is the backtick `character` Quote Link to comment Share on other sites More sharing options...
fenway Posted September 16, 2011 Share Posted September 16, 2011 Also, at no point did you actually share the query with us. Quote Link to comment Share on other sites More sharing options...
requinix Posted September 16, 2011 Share Posted September 16, 2011 Also, at no point did you actually share the query with us. ...Did you miss the scrollbars? Quote Link to comment Share on other sites More sharing options...
Pandemikk Posted September 18, 2011 Share Posted September 18, 2011 I also strongly advice against insert raw user input into the database. At least escape it. Quote Link to comment Share on other sites More sharing options...
fenway Posted September 19, 2011 Share Posted September 19, 2011 Also, at no point did you actually share the query with us. ...Did you miss the scrollbars? No, I didn't -- that's not SQL, that's PHP. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.